This Story About How the FBI Tracked Down an Alleged Child Porn ‘Terrorist’ Is Nuts

By Adam Clark Estes on at

Self-proclaimed cyber terrorists tend to have one thing in common: They think police can’t catch them. And almost always, these sad men sitting at computers are wrong. That seems to be the case with Brian Kil, a fictional Facebook bad guy who liked to extort underage girls into sending him nudes, according to the FBI. The story behind Brian Kil is a crazy one, but the story of how the FBI caught the suspect they believe to be behind the crimes is even crazier.

It all started around 2012, when someone using the alias “Brian Kil” allegedly started sending messages to young girls on Facebook. He’d tell the minors that he had sexually explicit images of them and would send them to her family and friends if they didn’t send him more. Generally, this sort of action is known as “sextortion.” When the victim is underage, the crime is “sexual exploitation of a child,” a charge that can lead to a life sentence.

A recently unsealed FBI filing claims that Brian Kil targeted victims in “at least 10 federal districts” over the course of five years and extorted images of girls as young as 12. The first victim outlined in the FBI filing claims that Kil talked one girl into sending him naked pictures of herself which he then posted to a Facebook account, thus engaging in child pornography. When the victim started to resist, Kil allegedly threatened a Columbine-style attack on her high school, Plainfield High in Plainfield, Indiana in North America, as well as neighbouring Dansville High School the following day. Here’s a snippet of that threat — it’s graphic:

This led to both high schools closing and sent the towns into mild chaos as they tried to figure out who Brian Kil was and how to stop him. It also earned the suspect behind the Brian Kil character two additional charges: threats to use an explosive device and threats to injure. However, law enforcement were unable to locate this Kil, because the IP address connected to the account was a Tor access node. In other words, the suspect was using the Tor anonymity network to hide his location.

The story only gets crazier after that. Kil eventually moved on from Plainfield and targeted more victims, the filing states. He introduced new aliases and created dozens of Facebook accounts to contact victims, while also using text messages, Twitter, and Dropbox to communicate with the victims. Kil also apparently bragged about never getting caught, saying things like this:

The thing about the FBI, though, is that it’s very good at catching criminals. So when the agency got in contact with one of Kil’s victims while she was still communicating with the suspect, the feds created a non-pornographic video and inserted a small piece of code known as a NIT into the file that would record the real IP address of the suspect and then send it back to the FBI. The victim sent the video to Kil using a Dropbox link only she and Kil had access to. Sure enough, the suspect watched it. The feds got the IP address and traced it to a house in Bakersfield, California.

But wait there’s more. In order to solidify their case against the suspect, the FBI agents installed a camera on a pole outside of the house linked to the IP address. They also added surveillance to the internet traffic coming and going from the location. Sure enough, the feds identified a 26-year-old man named Buster Hernandez who seldom left the house. But when his girlfriend went to work, Buster allegedly logged on to the Tor network. Using the wiretap, the FBI says it also found instances of the suspect’s IP address viewing images of Columbine on 4chan as well as what appears to be child pornography on imgur.

All of this led to the arrest of Buster Hernandez on Monday, August 7. It also gives the terrorised residents of Plainfield and Dansville hope that their years-long hunt for the infamous Brian Kil is over. Finally, it serves as yet another reminder that trying to become “the worst cyber terrorist that ever lived” is a bad idea. Authorities are increasingly savvy when it comes to the internet and simply using Tor isn’t enough to keep you out of the FBI’s crosshairs.

You can read the surprisingly gripping FBI file on the Brian Kil investigation here.

[TechCrunch]